From b2f7314d314bebc899de9194064440c379b0c198 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Wed, 24 Jun 2026 18:52:25 +0200 Subject: [PATCH] tests: harden sandbox sizing manifests for k8s cpu workloads MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Route runtime-rs tests to dedicated manifests/templates and ensure the CPU allocation workloads always carry explicit memory limits, avoiding Dragonball sandbox startup failures from InvalidMemorySize(0). Signed-off-by: Fabiano FidĂȘncio Assisted-by: Cursor --- .../kubernetes/k8s-sandbox-vcpus-allocation.bats | 10 ++++++++-- .../runtimeclass_workloads/pod-cpu-defaults.yaml | 5 +++++ .../kubernetes/runtimeclass_workloads/pod-cpu.yaml | 2 ++ .../runtimeclass_workloads/pod-number-cpu.yaml | 2 ++ .../pod-sandbox-vcpus-allocation.yaml | 5 +++++ tests/integration/kubernetes/tests_common.sh | 2 +- 6 files changed, 23 insertions(+), 3 deletions(-) diff --git a/tests/integration/kubernetes/k8s-sandbox-vcpus-allocation.bats b/tests/integration/kubernetes/k8s-sandbox-vcpus-allocation.bats index e24f88b4a8..47118ee1c1 100644 --- a/tests/integration/kubernetes/k8s-sandbox-vcpus-allocation.bats +++ b/tests/integration/kubernetes/k8s-sandbox-vcpus-allocation.bats @@ -31,8 +31,14 @@ setup() { # Create the pods kubectl create -f "${yaml_file}" - # Wait for completion - kubectl wait --for=jsonpath='{.status.phase}'=Succeeded --timeout=$timeout pod --all + # Wait for each test container to terminate successfully. Using container + # termination state is more robust than pod phase checks, which can lag. + for pod in "${pods[@]}"; do + kubectl wait \ + --for=jsonpath='{.status.containerStatuses[0].state.terminated.reason}'=Completed \ + --timeout=$timeout \ + "pod/${pod}" + done # Check the pods for i in {0..2}; do diff --git a/tests/integration/kubernetes/runtimeclass_workloads/pod-cpu-defaults.yaml b/tests/integration/kubernetes/runtimeclass_workloads/pod-cpu-defaults.yaml index 7973ea1bbc..ee227af14c 100644 --- a/tests/integration/kubernetes/runtimeclass_workloads/pod-cpu-defaults.yaml +++ b/tests/integration/kubernetes/runtimeclass_workloads/pod-cpu-defaults.yaml @@ -13,3 +13,8 @@ spec: - name: default-cpu-demo-ctr image: quay.io/prometheus/busybox:latest command: ["tail", "-f", "/dev/null"] + resources: + limits: + memory: "128Mi" + requests: + memory: "64Mi" diff --git a/tests/integration/kubernetes/runtimeclass_workloads/pod-cpu.yaml b/tests/integration/kubernetes/runtimeclass_workloads/pod-cpu.yaml index 976bf44236..0ca927ecd2 100644 --- a/tests/integration/kubernetes/runtimeclass_workloads/pod-cpu.yaml +++ b/tests/integration/kubernetes/runtimeclass_workloads/pod-cpu.yaml @@ -18,5 +18,7 @@ spec: resources: limits: cpu: "1" + memory: "128Mi" requests: cpu: "500m" + memory: "64Mi" diff --git a/tests/integration/kubernetes/runtimeclass_workloads/pod-number-cpu.yaml b/tests/integration/kubernetes/runtimeclass_workloads/pod-number-cpu.yaml index acbc89fce7..e17bd61ce9 100644 --- a/tests/integration/kubernetes/runtimeclass_workloads/pod-number-cpu.yaml +++ b/tests/integration/kubernetes/runtimeclass_workloads/pod-number-cpu.yaml @@ -16,6 +16,7 @@ spec: resources: limits: cpu: "500m" + memory: "128Mi" - name: c2 image: quay.io/prometheus/busybox:latest command: @@ -24,3 +25,4 @@ spec: resources: limits: cpu: "500m" + memory: "128Mi" diff --git a/tests/integration/kubernetes/runtimeclass_workloads/pod-sandbox-vcpus-allocation.yaml b/tests/integration/kubernetes/runtimeclass_workloads/pod-sandbox-vcpus-allocation.yaml index d5b1aaff6e..1ceb19973d 100644 --- a/tests/integration/kubernetes/runtimeclass_workloads/pod-sandbox-vcpus-allocation.yaml +++ b/tests/integration/kubernetes/runtimeclass_workloads/pod-sandbox-vcpus-allocation.yaml @@ -15,6 +15,9 @@ spec: containers: - name: vcpus-less-than-one-with-no-limits image: quay.io/prometheus/busybox:latest + resources: + limits: + memory: "128Mi" command: ['nproc', '--all'] restartPolicy: Never --- @@ -32,6 +35,7 @@ spec: resources: limits: cpu: "0.25" + memory: "128Mi" command: ['nproc', '--all'] restartPolicy: Never --- @@ -49,5 +53,6 @@ spec: resources: limits: cpu: "1.2" + memory: "128Mi" command: ['nproc', '--all'] restartPolicy: Never diff --git a/tests/integration/kubernetes/tests_common.sh b/tests/integration/kubernetes/tests_common.sh index edc1ee09a7..f76566c07a 100644 --- a/tests/integration/kubernetes/tests_common.sh +++ b/tests/integration/kubernetes/tests_common.sh @@ -223,7 +223,7 @@ remove_kata_runtime_config_dropin_file() { } is_runtime_rs() { - [[ "${KATA_HYPERVISOR}" == *-runtime-rs ]] + [[ "${KATA_HYPERVISOR}" == *-runtime-rs ]] || [[ "${KATA_HYPERVISOR}" == "dragonball" ]] } # Copy the right combination of drop-ins from drop-in-examples/ into